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(57) Abstract: An apparatus for generating and providing services from a network to a user device including a POTS device and a 
computer. The apparatus includes a port for providing a physical interface to the network, an access controller coupled to the port, 
and a network controller coupled to the access controller, the access controller and the network controller being coupled to the user 
device. 
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FIG. 1 illustrates a conventional system in which DSL customers connect 
their local area network (LAN) 100 to the Internet 130 through an access 
provider, which is often a competitive local exchange carrier (not shown), and an 
Internet Service Provider (ISP) 120. The access provider maintains the network 
5 105. The ISP 120 delivers services that travel over the access provider's network 
105. 

FIG. 2 illustrates the conventional architecture ISP 120. Original ISP 
content along with incoming Internet content is routed from a router/firewall 
140 through line 160 and, ultimately, to the customer premises. Conversely, 

1 0 customer Internet packets are routed into ISP servers 210 though 250 and if 
necessary back out through router/ firewall 140 and a line 170 and onto the 
Internet. The servers 210 through 250 provide services such as web, email, 
caching, domain name, and FTP, respectively. Thus, an essential aspect of the 
prior art is that all Internet-related services provided by ISP 120 flow through the 

15 ISFs router/firewall 140 and through the servers 210 through 250. One problem 
with this approach is that typically, ISFs oversubscribe lines 160 and 170, which 
often results in diminished data transmission rates for the end customer. 
Another problem is that the centralized nature of servers 210 through 250 raises 
privacy and security concerns for the end customer. 

2 0 With reference to FIG. 1 a number of computers 190 including a Local 

Area Network (LAN) 100 are shown connected to an integrated access device 
(IAD) 180. Alternatively a single computer 190 may be connected directly to IAD 
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180 (not shown). The IAD 180 is further operable to carry VoIP communication 
and thus analog Plain Old Telephone Service (POTS) devices 195 are coupled 
directly or through a Private Branch Exchange (PBX) 192 to IAD 180. 

The access provider aggregates (Le., multiplexes), via a Digital Subscriber 

5 Line Access Multiplexer (DSLAM) 110, data from several customers for the ISP 
120 into a backbone network connection 115, such as a DS3, OC3, or Tl. 
Customer data is then be routed out of the backbone 115 and into a regional 
packet network 125 that is appropriate for the location of the ISP 120. From the 
regional packet network 125, the data travels over line 160 coupled to the ISP's 

1 0 router/firewall 140. Within the ISP 120 the data is routed through a bank of 

servers 150 to line 170 for delivery to the Internet 130. A reverse path is followed 
for content originating at the Internet 130 and destined for the customer 
premises. 

In similar fashion, VoIP communication is routed from the backbone 115 
15 to a regional packet network 135, which is appropriate for the location of a voice 
gateway 145. The voice gateway 145 converts the packetized VoIP 
communication back to an analog signal and, through a Class 5 switch 155, sends 
it through to a PSTN 165. 

The prior art suffers from many deficiencies, chief among them the fact 
2 0 that configuring a highbandwidth access device such as a DSL modem or an 
IAD 180 to function with a desktop computer 190 is not a simple task. 
Configuring the system often requires physically connecting the IAD 180 to the 

3 
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computer motherboard, and reconfiguring the desktop operating system, neither 
of which are typically simple, straight-forward tasks for an end user. 

What is needed is a low cost, easily installed device that integrates 
Internet server functionality with highbandwidth access thus providing the 
5 capability to bypass the ISP 120 and rotte Internet traffic directly to the Internet 
130. Such a device would preferably provide enhanced accessibility to the 
Internet for end customers. Such a device would further advantageously 
function as a peripheral to a personal computer allowing access providers, small 
to medium-size businesses, and residential users to eliminate server costs and 
1 0 complexity, and essentially become their own Internet service provider. 

Additionally, such a device would provide voice and integrated dial-up services. 
Finally such a device would provide increased privacy and security and rapid 
deployment of high-bandwidth Internet access. 
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ST TMMARY OF THE DISCLOSURE 
An apparatus in accordance with the invention generates and provides 
services from a high bandwidth network to a user device. The apparatus 
5 includes a port for providing a physical interface to a high bandwidth network, 
an access controller coupled to the port, and a network controller coupled to the 
access controller, the access controller and the network contoller being coupled 
to a user device. The apparatus generates and provides services to the user 
device without the need of connecting the user device to the high bandwidth 

1 0 network through an ISP. 

In a preferred embodiment of the invention the apparatus includes a 
network presence device (NPD). The NPD is configured as a lowest device 
that is simple to install and to manage, essentially a "plug and go" device. It 
includes all of the functionality necessary to operate as a secure and private 

1 5 integrated Internet access and server device over a high bandwidth connection to 
the Internet, such as DSL. In this manner the NPD provides functionality for 

bypassing the ISP. 

The NPD includes a dual controller architecture having two controllers 
coupled by a programmable logic device. The access controller provides analog 
2 0 services to a plurality of analog devices including POTS devices and facsimile 
machines. The network or Internet controller provides Internet services to a 
plurality of computer devices. Suchservices include a web server, a webbased 
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configuration user interface, email server, a web-based e-mail reader, a firewall, 
a Dynamic Host Configuration Protocol server, a Network Address Translation 
server, an FTP server, a telnet server, an SNMP serve, an integrated back-up 
application, video multicasting gateway, and an auto-configuration daemon. 



6 
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tvptatt ED DESCP TPTTON OF PREFERRED FMBODIMENT3 
FIG. 3 illustrates a system according to one embodiment of the invention. 
5 DSLAM 110 communicates, via badcbone 115, directly with the Internet 130. A 
network presence device (NPD) 300, shown coupled to LAN 100 and other POTS 
devices at the customer premises, is coupled to DSLAM 110. NPD 300 includes 
integrated server functionality as further described herein. Remote NPD 
management system 310 provides for remote management of NPD 300 as well as 
10 functioning as auxiliary data storage. Thus management and configuration of 

NPD 300 occurs in a centralized fashion so that individual customers do not have 

to deal with such tasks. 

FIG. 4 depicts a preferred hardware architecture of the NPD 300. NPD 300 
includes an access controller 406 for high bandwidth routing and POTS access 
15 andanetworkormtemetcontioner416forInternetandserverap P Ucations. The 

access controller 406 and the Internet controller 416 intercommunicate via LAN 
transmission technology, such as Ethernet, embodied in a programmable logic 
device (PLD) 418. The NPD 300 provides a physical interface with a multiplexer, 
such as DSLAM 110 which is conventionally located at a telephone service 
2 0 central office. In addition, the nNPD300 provides the applications and 
processing capacity necessary to maintain an Internet presence. In this 
description, the architecture of the NPD 300 will generally be referred to as 
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access architecture to reference the architecture and functionality of the NPD 300 
to the DSLAM 110 side of the PLD 418, and server architecture to reference the 
architecture and functionality to the LAN 100 side of the PLD 418. 

The access architecture includes a high bandwidth port 402 for connecting 
5 the NPD 300 to a high bandwidth (e.g., ADSL, DSL, or Tl) transmission line 
provided by an access provider, iypically through DSLAM 110. Additionally, a 
management port 404 provides a physical interface and protocol necessary for 
communication between a computer (not shown) and the NPD 300. The 
connectivity offered by the management port 404 and high bandwidth port 402 

1 0 allows a user to access NPD 300 software applications (e.g., mail, web sorer, 
operating system, etc.). The management port 404 provides a means by which 
the NPD 300 can be configured, managed, and diagnosed locally. Alternatively, 
the configuration, management, and diagnostic functions can be performed 
remotely through high bandwidth port 402. 

1 5 The management port 404 provides capability to communicate with both 

the access and server architectures, via PLD 418. The interface standard utilized 
by management port 404 is preferably the RS232 standard. 

An access memory 408 coupled to access controller 406 provides storage 
of at least an operating system and a communication protocol stack. SDRAM 

2 0 and flash memory are suitable for use as the access memory 408 to utilize the 
inherent properties of these types of memory. 
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The NPD 300 includes multiple analog ports 410 for connecting analog 
devices such as a PBX 192, or speakerphones and fax madunes 195 either directly 
into the NPD 300 or through a PBX 192. A codec 412 converts the analog signals 
coming from analog devices 190 and 192through analog ports 410, to digital 
5 signals and vice versa. Digital signals are processed by a digital signal processor 
(DSP) 414. The DSP 414 also functions as an interface for the digital signals 
transmitted between the codec 412 and the access contoller 406. Finally, the 
access architecture intercommunicates via at least one data bus (not shown). 
The access architecture communicates with the server architecture 
1 0 through PLD 418, which f acilitates a data transmission protocol such as 

Transmission Control Protocol/ Internet Protocol (TCP/IP). In one aspect of the 
invention the NPD 300 includes two motherboards connected through an 
Ethernet interface which allows communication between the motherboards. The 
motherboards generally correspond to the access controller 406 and the Internet 
1 5 controller 416. This embodiment of NPD 300 contributes to commercially 

advantageous features, for example, low risk and high reliability of the NPD 300 
and ease of administration/ diagnosis for the user, through use of wfl known 
technologies and components. 

The NPD 300 includes the Internet controller 416 which provides Internet 
2 0 services such as described herein. The NPD 300 includes random access memory 
(RAM) 420 for temporary storage of program instructions, files, ari other data, 
and a non-volatile storage device 422, such as a magnetic hard disk, for storage 

9 
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of data and applications, for example, an operating system, mail and Internet 
server applications, personal computer applications, and HTML documents. In 
one aspect of the invention, the NPD 300 includes a PoweiQUICC MPC855T 
processor available from Motorola, Inc. of Schaumburg, IL, coupled with 32 
5 Megabytes of RAM and a 10 Gigabyte hard drive for providing adequate 

resources for storing and executing a Linux opcating system, as well as the web 
applications discussed herein. 

NPD 300 includes a communication port 424 for providing a physical 
interface supporting facsimile reception and transmission through a fax modem 

1 0 470 and a mail application. This feature is beneficial in that it eliminates the need 
for a separate fax machine. In addition, the communication port 424 supports 
Point-to-Point Protocol (PPP) for dial-up communication with the NPD 300 from 
a remote device, thus enabling remote network access. 

Network ports 426 are included in NPD 300 for providing an interface 

1 5 between the NPD 300 and a personal computer 190 connected directly or 
through a LAN 100. The network ports 426 are coupled to a hub 428 for 
managing and routing communication from the conneted computers to the 
Internet controller 416. In one aspect of the invention, NPD 300 includes a 4port 
10/100 dual speed hub to provide an interface for connected devices. 

2 0 The NPD 300 provides means by which a minimal amount of effort is 

required to configure the NPD 300 in a functional system configuration. Merely 
connecting the NPD 300 to a high bandwidth communication line through high 
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bandwidth port 402 and to one or more computers through a network port 426 
are the only steps necessary for a compldely functional installation of NPD 300. 
The necessary software applications, network connectivity and routing software 
to access and utilize the Internet are all provided within the NPD 300. In 

5 addition, the NPD 300 may be remotely diagnosed and managed through a 
remote server, employing methods, which are described in a separate 
commonly-owned provisional application, Ser. No. 60/226,417, entitled "Remote 
Management of an Integrated Network Access and Server Device", filed on 
August 18, 2000, the disclosure of which is hereby incorporated by reference. 

1 o FIG. 5 illustrates software aspects of NPD 300. Software applications 

running on an operating system platform 500, such as Linux, provide at least the 
following features in addition to those disclosed above: 

(1) A secure web server 530 (also known as an HTTP server). The web 
server 530 transmits web pages to user computers 190 through the hub 428, 

15 network ports 426, and the LAN 100 and can be configured with user scripts to 
create a personalized networkpresence for the user. With a web server 530 the 
NPD 300 can execute numerous webbased applications 535, several of which are 
shown in FIG. 5 and disclosed herein. 

(2) A web or LAN based user interface 545 for configuration and control of 
20 the NPD 300, presented to the user at a local or remote display monitor through 

the LAN 100 or through management port 404. As with any web-based 
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application, client components of the user interface 545 are provided through an 
HTTP server 530. 

(3) An electronic mail server 550 with Pretty Good Privacy (PGP). The 
NPD 300 directly routes e-mail between the user and the DSL AM 110 bypassing 

5 an ISP and its associated security and privacy deficiencies. 

(4) A web based electronic mail reader 555 for reading e-mail. Client 
components of the mail reader 555 are sent via the HTTP server 530. 

(5) A firewall 510, which is one or more application programs for 
protecting resources on a private network from users of other networks. The 

1 0 firewall can be integrated with connected commurication peripherals, such as 
audio conference phones and/or videoconferencing devices, and configured to 
communicate with the peripherals utilizing the appropriate communication 
protocols. 

(6) A Dynamic Host Configuration Protocol (DHCP) server 560, for 
1 5 centrally managing and automating the assignment of IP addresses in an 

organization's network. 

(7) Network Address Translation (NAT) 520, for masking and translating 
IP addresses between inside and outside networks. 

(8) A File Transfer Protocol (FTP) server 580, for providing capability for 
2 0 exchanging files over a network, including software updates. 

(9) Telnet server 570, for accessing the NPD 300 and computers 190 
remotely over a network. 

12 
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(10) Simple Network Management Protocol (SNMP) 540, for managing 
both the access and server sides of the NPD 300, and for monitoring the 
performance of NPD 300. 

(11) An integrated backup application 575, for pushing files to a locally 

5 cormectedcomputerSS^ 

also provides packet redirection for redirecting e-mail and server request data 
packets to an alternate storage device while the system is down. The NPD 300 
m ayoptionaUybeconngu^^ 

shown) for f adUtating selective data file backup to a storage server within an 
10 enterprise network. Alternatively, a remote management server 310 (FIG. 3) 

provides the storage capacity for the backup files. The backup application 575 is 
accessible for configuration, management, and execution via telnet services 570. 

(12) Video multi-casting capability for operating as a gateway for video 
signal transmission. Utilizing this capability, a user can store video files 565 on 
15 the storage device 422 of NPD 300 and configure a web page with a link to the 
video file. Thus, viewers at a connected workstation can view the video by 
Unking to the file through the web page and allowing the HTTP server 530 to 
respond. 

(13) Auto<onfiguration daemon/ service 590, for registering the NPD 300 
20 with an access provider DSLAM 110, for domain name system (DNS) name 
registration, and IP address assignment. Auto configuration services 590 are 
triggered by appropriate signals from a hardware detection module 595. If a 
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user wants to manage the NPD 300, theuser will obtain a personal domain name 
and be allowed to manage the system through the web based user interface. 
Alternatively, the NPD 300 is provided with an IP address and automatically 
configured with a domain name utilizing the autoconfiguration function. 
5 FIG. 6 illustrates the steps of the auto-configuration daemon 590. The 

auto-configuration daemon 590 is a program that rims continuously waiting for 
positive hardware detection signals 600. When the NPD 300 is connected to the 
network, the auto-configuration daemon 590 proceeds to decide if the new 
connection is not already accounted in the configuration settings 610. If not, the 

1 0 auto-configuration daemon 590 must still decide if manual user management 
mode is in effect 620. Finally, if appropriate, the auto-configuration daemon 590 
will execute the necessary auto configuration routines 630. 

The preceding list of software applications is exemplary and not intended 
to limit the scope of the invention. 

15 It will be recognized by those skilled in the art that, while the invention 

has been described above in terms of preferred embodiments, it is not limited 
thereto. Various features and aspects of the abovedescribed invention may be 
used individually or jointly. Further, although the invention has ben described 
in the context of its implementation in a particular environment and for 

2 0 particular applications, those skilled in the art will recognize that its usefulness is 
not limited thereto and that the present invention can be utilized in any number 
of environments and implementations. 

14 
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What is claimed is: 

1. A device fa generatag and providing services from a network, the device 
comprising: 

5 a port for providing a physical interface to the network; 

an access controller coupled to the port; and 
a network controller coupled to the access controller. 

2. The device of claim 1 wherein the access controller is coupled to the network 
controller by means of a programmable logic device. 

10 3. The device of claim 2 wherein the programmable logic device further 
comprises an Ethernet interface. 

4. The device of claim 1 further comprising a communication port coupled to the 
network controller. 

5. The device of claim 4 wherein the communication port is an RS-232 interface. 

15 6 . The device of claim 1 further conprising a management port coupled to the 
access controller. 

7. The device of claim 6 wherein the management port is an RS-232 interface. 

15 
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8. The device of claim 1 further comprising a plurality of analog ports coupled to 
the access controller through a ccriec and a DSP. 

9. The device of claim 1 further comprising a plurality of network ports coupled 
to the network controller through a hub. 

5 10. A method for generating and providing services from a network comprising 
the steps of: 

interfacing to the network; 

executing a first set of the instructions in an access controller; and 
executing a second set of the instructions in a network controller. 

1 0 11. The method of claim 10 wherein the step of executing a second set of 

instructions further comprises locallyconfiguring the second set of instructions. 

12. The method of claim 10 wherein the step of executing a second set of 
instructions further comprises remotely configuring the second set of 
instructions. 

1 5 13. The method of claim 10 further comprising the step' of mirroring the first and 
second set of instructions. 
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5 



14. An apparatus for generating and providing services from a network to a user 
device, the apparatus comprising: 

a port for providing a physical interface to the network; 

an access controller coupled to the port; 

a network controller coupled to the access controller, the access controller 
and the network controller being coupled to the user device. 

15. The device of claim 14 wherein the user device coupled to the access 
controller further comprises an analog device. 



16. The device of claim 14 wherein the user device coupled to the network 
1 o controller further comprises a computer. 
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